ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – Ryuk Ransomware Gang Using Zerologon Bug for Swift Attack - Rewterz

Tags

maec-delivery-vectors:	Watering Hole
attack-pattern:	Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	9b490fa0-178e-40da-a152-bb080bc72e75
Fingerprint	805027d56f963c79
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 20, 2020, 5 p.m.
Added to db	Dec. 19, 2024, 1:39 a.m.
Last updated	Dec. 21, 2024, 1:26 a.m.
Headline	Rewterz Threat Alert – Ryuk Ransomware Gang Using Zerologon Bug for Swift Attack
Title	Rewterz Threat Alert – Ryuk Ransomware Gang Using Zerologon Bug for Swift Attack - Rewterz
Detected Hints/Tags/Attributes	37/2/17

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-ryuk-ransomware-gang-using-zerologon-bug-for-swift-attack

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	272		cve-2020-1472
Details	CVE	12		cve-2020-3118
Details	Domain	2		cstr3.com
Details	Domain	6		quwasd.com
Details	Domain	7		havemosts.com
Details	md5	1		890206f0c506366d480e02fc9fed988a
Details	md5	1		85057b3f1210043ce7821e249ac96b29
Details	sha1	1		ba1542d9b55fff21bda9495ed884404b0436cff2
Details	sha1	1		72aa6fd75890d657d06ebbd4473f82b5b5c11272
Details	sha256	1		feb8c2bcb71da02dbbeecb999869e053cf96af8cce6f9705cadca4338133d3b5
Details	sha256	1		23ac461f9b5128841cafabb4282432252ea7b57874595cf6fe8457fc1ac65007
Details	IPv4	3		5.2.64.174
Details	IPv4	4		88.119.171.94
Details	IPv4	1		3.137.182.114
Details	Url	1		http://5.2.64.174
Details	Url	1		http://88.119.171.94
Details	Url	1		http://3.137.182.114